The MAILING DATE of this communication appears on the cover sheet with the correspondence address.
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS,
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION.

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b).

Status 

1) [X] Responsive to communication(s) filed on 01 November 2004.

2a) [ ] This action is FINAL. 2b) [X] This action is non-final.

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) [X] Claim(s) 1-12 is/are pending in the application.

4a) Of the above claim(s) is/are withdrawn from consideration.

5) [ ] Claim(s) is/are allowed.

6) [X] Claim(s) 1-12 is/are rejected.

7) [ ] Claim(s) is/are objected to.

8) [ ] Claim(s) are subject to restriction and/or election requirement.

Application Papers 

9) [ ] The specification is objected to by the Examiner.

10) [X] The drawing(s) filed on 17 March 2004 is/are: a) [ ] accepted or b) [X] objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).

11) [X] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119 

12) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a) [ ] All b) [ ] Some * c) [ ] None of:

1. [ ] Certified copies of the priority documents have been received.

2. [ ] Certified copies of the priority documents have been received in Application No. .

3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage application from the International Bureau (PCT Rule 17.2(a)).

* See the attached detailed Office action for a list of the certified copies not received.



Attachment(s) 

1) [X] Notice of References Cited (PTO-892)

2) [ ] Notice of Draftsperson's Patent Drawing Review (PTO-948)

3) Information Disclosure Statement(s) (PTO/SB/08), Paper No(s)/Mail Date 11/01/04.

4) [ ] Interview Summary (PTO-413), Paper No(s)/Mail Date.

5) [ ] Notice of Informal Patent Application

6) [ ] Other:

DETAILED ACTION
Drawings 

1. New corrected drawings in compliance with 37 CFR 1.121(d) are required in this
application because the drawings filed on 03/17/04 are informal. The purpose of
drawings is to enable the understanding of the subject matter sought to be patented.
However, applicant's submitted informal drawings require the specification to
understand each object presented in the drawings, since some of the labels are not
clear (e.g. see label S2 (WOKKING MEMORY) or S4 (AS ?D1T DATABASE) in Fig. 
2). 

Applicant is advised to employ the services of a competent patent draftsperson
outside the Office, as the U.S. Patent and Trademark Office no longer prepares new 
drawings. The corrected drawings are required in reply to the Office action to avoid 
abandonment of the application. The requirement for corrected drawings will not be 
held in abeyance. 

2. Corrected drawing sheets are required in reply to the Office action to avoid 
abandonment of the application. Any amended replacement drawing sheet should 
include all of the figures appearing on the immediate prior version of the sheet, even 
if only one figure is being amended. The figure or figure number of an amended 
drawing should not be labeled as "amended." If a drawing figure is to be canceled, 
the appropriate figure must be removed from the replacement sheet, and where 
necessary, the remaining figures must be renumbered and appropriate changes 
made to the brief description of the several views of the drawings for consistency.
Additional replacement sheets may be necessary to show the renumbering of the 
remaining figures. The replacement sheet(s) should be labeled "Replacement 
Sheet" in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion 
of the drawing figures. If the changes are not accepted by the examiner, the 
applicant will be notified and informed of any required corrective action in the next 
Office action. The objection to the drawings will not be held in abeyance. 

Oath/Declaration 

3. The Oath/Declaration is objected to because it does not identify the mailing address 
of the inventor. A mailing address is an address at which an inventor customarily 
receives his or her mail and may be either a home or business address. The mailing 
address should include the ZIP Code designation. The mailing address may be 
provided in an application data sheet or a supplemental oath or declaration. See 37 
CFR 1.63(c) and 37 CFR 1.76. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention.

4. Claims 1-12 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter 
that applicant regards as the invention. Claims 1-12 appear to have problems with
articles as well as consistency in reference to keys. For example, "key" in claim 8
lacks antecedent basis. The limitation of claim 9 recites "key usage", but in claim 11
the term "the key usage" is used. Furthermore, it is not clear to which "the secret
key" claim 4 refers. Claim 4 is dependent on claim 1, which recites "a secret key" to which a
key server provides access and "a secret key" that a user is in possession of
(although the examiner is not completely sure whether the second "a secret key"
should not read "the secret key"). It is also not clear whether the claim language
(e.g. claims 6-7) attempts to distinguish terms: "a key"/"the keys" from "a secret
key"/"the secret key", or whether it refers to a generic event involving "a secret/the
secret key". The terms "key access" and "key usage" (e.g. claim 8) are similarly not
clear.

Applicant should ensure that the claim language is clear and consistent, and that 
any amendments are supported by the original specification. 

Appropriate correction is required. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made.

5. Claims 1-3 and 5-12 are rejected under 35 U.S.C. 103(a) as being unpatentable
over Feghhi et al. (Jalal Feghhi, Jalil Feghhi, Peter Williams, "Digital Certificates:
Applied Internet Security", 1999, ISBN: 0201309807).

Feghhi discloses a resource server (IIS server) that provides access to resources
to authorized users (introduction in "Secure Web Communications-Client
Authentication", pg. 323 and details disclosed in "Enabling SSL Client
Authentication" and "Mapping Client Certificates to User Accounts", pg. 331-333),
wherein authorization of a user is determined, at least in part, by the user's
possession of a secret key (certificates include secret keys, see pg. 66-68, for
example), and a key server that provides access to a secret key by an authorized user
("Getting a Client Certificate from a CA", pg. 326-327).

6. Although Feghhi discloses a key server audit database (e.g. "Certificate Revocation
Lists (CRLs)", pg. 74), Feghhi does not disclose a resource server audit database,
and a usage analyzer that analyzes the key server audit database and the resource
server audit database to compare events therein.

However, the use of an audit database on resource servers is well known in the art of
computer security (e.g. Smith) and it would have been obvious to one of ordinary
skill in the art at the time of applicant's invention to implement an audit database on
resource servers given the benefit of increased security.

Also, comparing suspicious events in the resource server audit database with the
key server audit database would have been obvious to an ordinary artisan in the art
of computer security, given the benefit of security (the key server audit database
provides additional security information regarding the secret keys, in particular
whether the keys are valid, see "Certificate Revocation Lists (CRLs)", pg. 74-76).

7. As per claims 2 and 3, even though it is clear that the key server disclosed by
Feghhi is an application server (CA server) and the resource server is a transaction
server (IIS server), the examiner points out that the limitations as cited attempt to
simply limit the limitation by providing a specific name to particular components.
However, a particular naming of the components would not affect the functionality of
Feghhi's invention.

8. As per claims 5-9, the limitations are obvious variations of security policies well known
in the art (secure events are time and frequency sensitive (Kerberos, Windows Log
in, etc.), access restriction limitation based on source/destination address (e.g.
commonly implemented in firewalls)). Thus implementing the particular security
features recited in claims 5-9 would have been an obvious variation well known in
the art. One would have been motivated to use them especially in light of the
benefits of these security features as evidenced by their commercial success.

9. As per claim 10, the examiner points out that there are inherently two obvious
choices of performing any actions, in real-time and not in real-time, wherein each
option is an obvious variation of another. Furthermore, the real-time responses are
well known in the art of computer science and it would have been obvious to one of
ordinary skill in the art at the time of applicant's invention to analyze and compare
audit database records in real-time given the benefit of computer efficiency (note that
most of the logs are created in real-time).

10. The limitations of claim 11 are implicit: any security violation would trigger
disablement of an access that is based on the secret key.

11. As per claim 12, any comparison of logs discussed above must involve two
computers and the examiner points out that the placement of a usage analyzer (on
the key server or key client) would have been an obvious variation not affecting
functionality of Feghhi's invention. Additionally, the examiner points out that a client
(e.g. a resource server) requesting a server (a key server) to process data (validate
the secret key) is a standard feature in the client/server environment.

Conclusion 

Claim 4 is subject to the 35 USC § 112 rejection (see above). However, the art of
record does not teach or suggest the limitations (as best understood) of claim 4. 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure: 

Sarbari Gupta, "Security Characteristics of Cryptographic Mobility Solutions", 1st 
Annual PKI Research Workshop— Proceedings, July 02, 

Sampo Sovio, N. Asokan, Kaisa Nyberg, "Defining Authorization Domains Using 
Virtual Devices", Nokia Research Center, Helsinki Finland, January 2003.

Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Peter Poltorak whose telephone number is (571) 272-
3840. The examiner can normally be reached Monday through Thursday from 9:00
a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand, can be reached on (571) 272-3811. The fax phone number
for the organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free).




